Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a3232303a3a2f34342d3434203d3e203133383532.roa
File: 326130623a346530373a3232303a3a2f34342d3434203d3e203133383532.roa (raw, json)
Hash identifier: KpzdZC8AvhojT4cT3tKQhhJ3aqvJ7AQm4+TXUHIlleo=
Subject key identifier: 31:B9:99:44:3E:12:68:0A:B9:1E:37:34:FE:48:2C:B7:7A:5A:C6:80
Certificate issuer: /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Certificate serial: 6C968185E9823FF1945BDDB962BEBE22118BCA5A
Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a3232303a3a2f34342d3434203d3e203133383532.roa
Signing time: Mon 23 Sep 2024 22:45:29 +0000
ROA not before: Mon 23 Sep 2024 22:40:29 +0000
ROA not after: Mon 22 Sep 2025 22:45:29 +0000
asID: 13852
IP address blocks: 2a0b:4e07:220::/44 maxlen: 44
Validation: Failed, certificate revoked on Mon 30 Sep 2024 19:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:96:81:85:e9:82:3f:f1:94:5b:dd:b9:62:be:be:22:11:8b:ca:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Validity
Not Before: Sep 23 22:40:29 2024 GMT
Not After : Sep 22 22:45:29 2025 GMT
Subject: CN=31B999443E12680AB91E3734FE482CB77A5AC680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:61:df:49:23:a9:2e:ce:b6:06:1a:0e:41:7c:
c3:f2:35:ac:2f:af:1d:15:3d:a7:f7:cb:02:c6:89:
1c:69:4a:86:82:e4:cf:08:2f:73:a3:3f:cc:62:cd:
c2:2e:68:d8:7e:90:13:10:ff:31:42:17:6c:87:38:
c4:6a:6c:eb:ad:c2:45:8a:35:50:3e:44:f9:54:8c:
0e:ad:a2:07:66:91:8d:34:61:8b:a2:44:72:c7:7b:
16:2f:ca:46:eb:23:5c:ad:31:33:a5:46:7f:04:5f:
21:59:40:d4:a6:72:3e:6b:05:c0:0d:05:f4:77:88:
7a:1b:b1:f8:45:3c:65:4b:23:a4:d2:a5:71:56:23:
92:66:03:0e:6c:82:fb:8d:01:a1:e5:2d:8b:ad:03:
ba:f2:0a:1e:72:69:2e:20:22:8c:7f:2a:95:c2:64:
75:58:fc:bd:a1:cb:f0:82:9b:04:20:b1:21:e4:7b:
a5:3d:8a:31:55:28:32:f7:4f:48:8c:b2:d0:a5:5c:
83:f2:07:40:3c:e5:42:b0:54:db:bb:08:70:ea:8e:
c9:86:38:16:77:54:55:8a:27:3c:e9:82:9d:8b:0a:
35:fd:e3:a8:9b:07:9b:12:68:16:ae:80:41:f3:8b:
f5:18:d3:bb:22:f8:f7:f7:52:c7:c7:96:5e:a9:0c:
ab:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B9:99:44:3E:12:68:0A:B9:1E:37:34:FE:48:2C:B7:7A:5A:C6:80
X509v3 Authority Key Identifier:
keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a3232303a3a2f34342d3434203d3e203133383532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e07:220::/44
Signature Algorithm: sha256WithRSAEncryption
5b:50:74:67:00:75:ee:46:cf:6d:c1:e7:9a:5e:28:45:cc:3c:
60:41:3e:65:87:87:64:af:d9:4a:db:9c:c0:98:35:00:93:6f:
a8:c1:d3:93:be:a5:c3:20:72:c5:47:96:24:e0:25:31:d4:74:
9e:72:20:a7:b8:55:98:cf:f1:6e:90:fe:ab:fe:b8:0c:89:c1:
37:98:ce:ab:30:19:76:d0:b2:84:62:06:79:fe:34:04:d6:af:
0c:ac:1b:aa:e6:a2:55:c2:05:ca:37:55:67:3e:73:b1:8e:36:
c4:bc:0f:cf:ab:fc:f9:91:85:3b:0f:61:5b:36:93:08:33:d0:
0c:40:5f:b1:ca:f0:a7:b3:41:5f:f7:21:9f:45:54:0b:2b:9d:
a4:5d:76:9c:3f:51:7f:c3:8b:af:33:da:fa:83:30:24:4c:5d:
af:0a:62:4e:36:8d:43:56:e9:8d:cf:c7:78:c8:ea:df:2f:52:
96:ad:fa:45:42:d1:71:fb:bd:51:57:2b:04:1d:0c:6a:31:e6:
0f:4e:49:77:ec:40:b3:ad:21:cb:9b:a1:1e:26:20:f0:5f:dd:
40:fb:f6:0e:91:19:c6:f6:a0:9d:d6:04:56:0e:91:d1:5d:88:
45:75:63:62:46:17:f6:34:ba:b8:3c:ee:e7:b4:38:59:42:cb:
40:02:38:e0
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIUbJaBhemCP/GUW925Yr6+IhGLylowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE
NTgzNDBCQzAeFw0yNDA5MjMyMjQwMjlaFw0yNTA5MjIyMjQ1MjlaMDMxMTAvBgNV
BAMTKDMxQjk5OTQ0M0UxMjY4MEFCOTFFMzczNEZFNDgyQ0I3N0E1QUM2ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Yd9JI6kuzrYGGg5BfMPyNawv
rx0VPaf3ywLGiRxpSoaC5M8IL3OjP8xizcIuaNh+kBMQ/zFCF2yHOMRqbOutwkWK
NVA+RPlUjA6togdmkY00YYuiRHLHexYvykbrI1ytMTOlRn8EXyFZQNSmcj5rBcAN
BfR3iHobsfhFPGVLI6TSpXFWI5JmAw5sgvuNAaHlLYutA7ryCh5yaS4gIox/KpXC
ZHVY/L2hy/CCmwQgsSHke6U9ijFVKDL3T0iMstClXIPyB0A85UKwVNu7CHDqjsmG
OBZ3VFWKJzzpgp2LCjX946ibB5sSaBaugEHzi/UY07si+Pf3UsfHll6pDKs5AgMB
AAGjggKBMIICfTAdBgNVHQ4EFgQUMbmZRD4SaAq5Hjc0/kgst3paxoAwHwYDVR0j
BBgwFoAU0YIHRmqwp9fR7zx80C6AvtWDQLwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzIvRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVENTgzNDBCQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3
OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE
MDJFODBCRUQ1ODM0MEJDLmNlcjCBswYIKwYBBQUHAQsEgaYwgaMwgaAGCCsGAQUF
BzALhoGTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMi8zMjYxMzA2
MjNhMzQ2NTMwMzczYTMyMzIzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMxMzMz
ODM1MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqC04HAiAwDQYJKoZIhvcNAQELBQADggEBAFtQdGcA
de5Gz23B55peKEXMPGBBPmWHh2Sv2UrbnMCYNQCTb6jB05O+pcMgcsVHliTgJTHU
dJ5yIKe4VZjP8W6Q/qv+uAyJwTeYzqswGXbQsoRiBnn+NATWrwysG6rmolXCBco3
VWc+c7GONsS8D8+r/PmRhTsPYVs2kwgz0AxAX7HK8KezQV/3IZ9FVAsrnaRddpw/
UX/Di68z2vqDMCRMXa8KYk42jUNW6Y3Px3jI6t8vUpat+kVC0XH7vVFXKwQdDGox
5g9OSXfsQLOtIcuboR4mIPBf3UD79g6RGcb2oJ3WBFYOkdFdiEV1Y2JGF/Y0urg8
7ue0OFlCy0ACOOA=
-----END CERTIFICATE-----
Generated at Mon Sep 30 23:03:39 2024 by rpki-client on console-ams.rpki-client.org